Commitment to Threat Detection and Response Grows, but Cybersecurity Survey Shows Lack of Maturity in Threat-Driven Operations
Cybersecurity and IT professionals seek to make better use of existing investments and improve integration among tools and teams; however, threat detection and response requires continuous end-to-end visibility across the entire cyber terrain, Fidelis Cybersecurity expert warns
Recent research from Enterprise Strategy Group (ESG), sponsored by Fidelis Cybersecurity (Fidelis), a leading provider of threat detection, threat hunting, and response solutions, shows IT and cybersecurity professionals in North America are focused on improving threat detection and response and trimming unmanageable technology stacks for security. While these are crucial and important goals, Fidelis warns that a focus on threat detection and response (TDR) without a larger reckoning of the dramatically changing cyber terrain will dampen the impact of improved TDR.
“While it’s great to see increased investment and usage of threat detection and response capabilities, these capabilities must be coupled with continuous visibility across the terrain they are protecting, and a full audit of what is already within the enterprise security tech stack,” explained Craig Harber, CTO of Fidelis.
ESG’s report found that 76% of organizations believe that threat detection and response is more difficult today than it was two years ago – due to an increase in the volume and sophistication of cyber-threats, a growing attack surface and cybersecurity workload, and the number of security products in organization tech stacks generating an unmanageable number of alerts, among other factors. Additionally, 87% of organizations reported having a formal plan and funding to improve TDR.
However, only 57% of respondents are looking to integrate or add solutions or services to make better use of existing investments to support TDR. Respondents plan to do this by shifting toward an integrated software architecture that combines siloed security solutions, or via purchase of security operations tools designed to help automate and orchestrate security operations processes.
“While organizations should be looking to integrate tools, automate and streamline processes, even more crucially, there needs to be a focus on removing blind spots within their cyber terrain,” added Harber. “Too many enterprises have spent the last decade throwing money at point solutions meant to keep attackers out, even while the terrain they protect has grown massively. I challenge anyone in cybersecurity today to tell me they know their entire network, much less all the capabilities within the tools they already own. Organizations need to move towards true threat-driven operations, which requires more rigorous mapping of the cyber terrain, related vulnerabilities and putting into place a streamlined and integrated tech stack that provides the continuous end-to-end visibility solutions that actually support SOC teams in threat detection and response.”
Harber continued, “No single offering or vendor can provide 100% coverage, so it will be important to know your terrain, understand what adversary tactics or techniques can be detected by what vendor technologies, as well as the response technologies positioned to effectively defeat the adversary.”
More details from the ESG survey are available below:
- Read the Threat Detection and Response Landscape report
- Watch the video which highlights some of the key findings
- Learn how to improve your TDR from Fidelis experts
Fidelis Cybersecurity combats the full spectrum of cyber-crime, data theft and espionage. A leading provider of threat detection, hunting and response solutions, Fidelis provides full visibility across hybrid environments, automates threat and data theft detection, empowers threat hunting, and optimizes incident response with context, speed and accuracy. Fidelis is trusted by Global 1000s and Governments as their last line of defense.
The Fidelis Elevate® platform captures rich metadata from across the threat landscape and combines that content to enable real-time and retrospective analysis, giving security teams the platform to effectively hunt for threats in their environment.
For more information go to www.fidelissecurity.com. Fidelis Cybersecurity is a portfolio company of Skyview Capital.
